CN117201170A - Method for enhancing security of asymmetric encryption algorithm - Google Patents
- Publication number: CN117201170A (CN202311285255.2A)
- Authority: CN (China)
- Prior art keywords: private key, user, encryption algorithm, public key, information
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Landscapes
- Storage Device Security (AREA)
Abstract
The invention provides a method for enhancing the security of an asymmetric encryption algorithm, comprising the following steps: first, a basic database is established; the user obtains a first public key and a first private key through an asymmetric encryption algorithm; a one-step random mathematical problem calculation is performed on the first public key and the first private key obtained by the user, and the mathematical problem is stored in the basic database through an information hiding technology; a hash calculation is performed on the mathematical problem, and the hash result is used as a second private key; when the user encrypts, the plaintext to be encrypted is encrypted with the first public key through the encryption process of the asymmetric encryption algorithm, and the encrypted ciphertext information is stored in the basic database; when the user decrypts, the plaintext information can be obtained only by inputting the user's second private key. On the basis of existing encryption technology, the public key and private key obtained by the user and the ciphertext information encrypted with the public key are further processed, so that the encryption technology is safer.
Description
Technical Field
The invention relates to cryptography and asymmetric encryption technology, and in particular to a method for enhancing the security of an asymmetric encryption algorithm.
Background
The asymmetric encryption algorithm generates two keys: public and private keys; the public key and the private key of each user form a pair of keys, and if the public key is used for encrypting the data, the data can be decrypted only by the corresponding private key; because two different keys are used in encryption and decryption, the algorithm is called an asymmetric encryption algorithm.
Characteristics of asymmetric cryptosystems: the algorithm is complex, and security depends on both the algorithm and the key; because the algorithm is complex, encryption and decryption are slower than with symmetric encryption. A symmetric cryptosystem has only one key, which is not public; for the other party to decrypt, that party must be given the key, so the security of a symmetric cryptosystem depends on keeping the key secure. An asymmetric cryptosystem has two keys, of which the public key is public and the private key is secret, so the key does not need to be transmitted to the other party as in a symmetric cipher, and security is much higher than that of a symmetric encryption algorithm.
Existing asymmetric encryption algorithms include: RSA, ECC (elliptic curve cryptography), elgamal and knapsack algorithms, etc., wherein the most commonly used encryption algorithms are RSA, ECC and Elgamal, e.g., RSA and ECC asymmetric encryption algorithms are employed in the blockchain; asymmetric encryption algorithms play an important role in the security of network communications.
Therefore, it is safer to encrypt the data by the asymmetric encryption algorithm, but with the continuous progress of science and technology, especially the advent of quantum computers, the asymmetric encryption algorithm faces quantum computing threat, and the security of the asymmetric encryption algorithm is continuously reduced, so we need to find a safer encryption algorithm or a method capable of enhancing the security of the asymmetric encryption algorithm to encrypt the data.
Disclosure of Invention
The invention aims to overcome the problems existing in the prior art and greatly improve the technical effect on the basis of the prior art; to this end, the present invention provides a method of enhancing security of an asymmetric encryption algorithm, the method comprising:
first, a base database is established, the base database comprising: all data collected before the system operates;
generating a pair of keys of a user through an asymmetric encryption algorithm, wherein the pair of keys consists of a public key and a private key, the public key is regarded as a first public key of the user, and the private key is regarded as a first private key of the user;
performing a one-step random mathematical problem calculation on the first public key and the first private key of the user, wherein the random mathematical problem includes the first public key and the first private key of the user, and hiding the random mathematical problem in the basic database through an information hiding technology;
obtaining a hash value of the mathematical problem, and taking the obtained hash value as a second private key of the user;
when encrypting, a sender user inquires and acquires a receiver user first public key, the acquired receiver user first public key encrypts plaintext data to be encrypted through an encryption process of an asymmetric encryption algorithm to acquire ciphertext information, and the ciphertext information is hidden in the basic database through an information hiding technology;
and when decrypting, the receiver user obtains the plaintext information by inputting the second private key of the receiver user.
Further, the data in the base database is updated continuously over time, but the original data content is kept.
Further, the method for performing the one-step random mathematical problem calculation on the first public key and the first private key of the user is: the system generates a random mathematical function ω=g(μ, v) and substitutes the first public key and the first private key of the user into it for calculation; in ω=g(μ, v), μ is the first public key obtained by the asymmetric encryption algorithm, v is the first private key obtained by the asymmetric encryption algorithm, and ω is the result of the mathematical function.
Further, the method for obtaining the hash value of the mathematical problem and taking it as the second private key of the user is: a hash calculation is performed on the mathematical function ω=g(μ, v) with a hash algorithm, converting the mathematical function into a hash value, and the obtained hash value is regarded as the second private key of the user; hashing the mathematical function ω=g(μ, v) means hashing the entire function, rather than merely hashing its result ω.
Further, the method for obtaining the hash value of the mathematical problem and taking the obtained hash value as the second private key of the user further comprises the following steps: and storing a mathematical function omega=g (mu, v) for hash calculation in a basic database, generating a second private key address, and hiding and disguising the second private key address through an information hiding technology.
Further, the encryption method comprises the following steps: when encrypting, a sender user obtains a first public key of a receiver user through inquiry, encrypts plaintext information to be transmitted through the obtained first public key of the receiver user in an asymmetric encryption algorithm encryption process, generates a ciphertext address of encrypted ciphertext information, stores the generated ciphertext address in a basic database, and conceals and disguises the ciphertext address through an information hiding technology.
Further, the decryption method comprises the following steps: during decryption, the receiver user automatically decrypts by inputting the second private key.
The method by which the system automatically decrypts is: first, the second private key address of the receiver user is locked, the mathematical function ω=g(μ, v) at that address is verified, and it is checked whether the hash value converted from ω=g(μ, v) is identical to the second private key of the receiver user; if so, the second private key input by the user is proved correct. If the second private key of the receiver user is verified as correct, then in ω=g(μ, v) μ is the first public key of the receiver user and v is the first private key of the receiver user, and since the first public key μ is already public across the whole network, the first private key v of the receiver user is obtained from ω=g(μ, v). The obtained first private key v then locks the ciphertext address generated after encryption with the receiver user's first public key, the ciphertext information is decrypted through the decryption process of the asymmetric encryption algorithm to obtain the plaintext information, and the plaintext information is fed back to the receiver user.
The beneficial effects of the invention are as follows:
The encryption method of the invention builds on the first public key and the first private key generated by the asymmetric encryption algorithm and generates a second private key from a random mathematical function ω=g(μ, v); the first private key generated by the asymmetric encryption algorithm is kept secret, and the second private key is used for decryption. In the invention, even if a third party who knows the public key obtains the user's first private key in the asymmetric encryption algorithm through quantum computation and cracking, the user's second private key is difficult to obtain, so the encryption and decryption process is safer; at the same time, the invention further enhances the security of the asymmetric encryption algorithm by applying the irreversibility of hash calculation and the information hiding technology, thereby reducing the threat of quantum computation to the asymmetric encryption algorithm.
Drawings
Fig. 1: the invention discloses a flow chart of a method for enhancing the security of an asymmetric encryption algorithm.
Fig. 2: the encryption and decryption process of the present invention is schematically shown.
Detailed Description
Specific embodiments of the present invention will be described in detail below with reference to the accompanying drawings; it should be understood that the particular embodiments presented herein are illustrative and explanatory only and are not restrictive of the invention.
Fig. 1 shows a flowchart of the method for enhancing the security of an asymmetric encryption algorithm according to the present invention. The flowchart includes:
Step S200, a basic database is established, the basic database including all data collected before the system operates;
Step S201, a pair of keys of a user is generated through an asymmetric encryption algorithm, wherein the pair of keys consists of a public key and a private key, the public key is regarded as the first public key of the user, and the private key is regarded as the first private key of the user;
Step S202, a one-step random mathematical problem calculation is performed on the first public key and the first private key of the user, wherein the random mathematical problem includes the first public key and the first private key of the user, and the random mathematical problem is hidden in the basic database through an information hiding technology;
Step S203, the hash value of the mathematical problem is obtained, and the obtained hash value is used as the second private key of the user;
Step S204, during encryption, a sender user queries and obtains the first public key of the receiver user, the plaintext data to be encrypted is encrypted with that first public key through the encryption process of the asymmetric encryption algorithm to obtain ciphertext information, and the ciphertext information is hidden in the basic database through an information hiding technology;
Step S205, during decryption, the receiver user obtains the plaintext information by inputting the second private key of the receiver user.
In the above embodiment, the method of the present invention builds on the original asymmetric encryption algorithm: the private key generated by the original asymmetric encryption algorithm is kept secret, and the second private key generated from the mathematical function is used for decryption. The specific process is as follows. First, the public key and private key generated by the asymmetric encryption algorithm are regarded as the first public key and the first private key; private key encryption processing is carried out on the generated first private key, and the first public key and the first private key are combined through a mathematical function ω=g(μ, v), where μ is the first public key and v is the first private key. A hash calculation is performed on the mathematical function ω=g(μ, v) and the hash value is regarded as the second private key, which is stored only by the user corresponding to the first private key. The mathematical function ω=g(μ, v) used for the hash calculation generates a second private key address, and that address is hidden in the basic database by an information hiding technology. When encrypting, the plaintext is encrypted with the first public key μ generated by the asymmetric encryption algorithm, and the encrypted ciphertext generates a ciphertext address; the ciphertext address is not disclosed to anyone and is hidden in the basic database by an information hiding technology. When decrypting, the user inputs the second private key, the blockchain automatically locks the second private key address, and the first private key v of the user is obtained through that address; the first private key v locks the ciphertext address generated after encryption with the user's first public key μ through the asymmetric encryption algorithm, and the ciphertext information at the ciphertext address is decrypted to obtain the plaintext information.
Step S200, a basic database is established, and the basic database includes: all data collected before the system was run.
Specifically, the base database is created using any suitable method, such as creating a database with MySQL or with SQL Server; the data in the basic database is updated continuously over time, but the original data content must be retained so that the data hidden and disguised by the invention is not lost.
In step S201, a pair of keys of the user is generated by an asymmetric encryption algorithm, wherein the pair of keys consists of a public key and a private key, the public key is regarded as a first public key of the user, and the private key is regarded as a first private key of the user.
Specifically, the asymmetric encryption algorithm is any asymmetric encryption algorithm that fits the subject matter, meaning that the algorithm forms a pair of keys comprising a public key and a private key, where in general the public key is used for encryption and the private key for decryption, or the private key is used for signing and the public key for verifying the signature; the invention takes the generated user public key as the first public key and the generated user private key as the first private key, and the first public key is made public.
In the above embodiments, for ease of understanding, the RSA encryption algorithm and the ECC (elliptic curve encryption algorithm) are selected first to specifically describe the embodiments of the present invention.
The RSA encryption algorithm generates a public key and a private key:
1) Randomly generating two large prime numbers p and q through RSA 1024;
2) N=pq is calculated and,destroying p and q;
3) Random one andthe number e of mutual mass, i.e.)>
4) Finding a number d such that e and d combine to satisfy ed
5) Generating a public key as (n, e) and a private key as (n, d).
Process of ECC (elliptic curve cryptography) generating public and private keys:
a) Selecting an elliptic curve Ep (a, b) and taking a point on the elliptic curve as a base point P;
b) A large number k is selected as the private key and a public key Q = kP is generated.
The public key and the private key of the user are generated through the asymmetric encryption algorithm RSA and ECC, namely the first public key and the first private key of the invention are generated.
Step S202, a step of calculating a random mathematic problem is carried out on a first public key and a first private key of a user, wherein the random mathematic problem comprises the first public key and the first private key of the user, and the random mathematic problem is hidden into the basic database through an information hiding technology.
Specifically, the random mathematical problem is any mathematical function that fits the subject matter, and the mathematical function must include the first public key and the first private key of the user; the mathematical functions are randomly generated, and the system needs to keep expanding the forms and the number of mathematical functions, thereby improving the security of the encryption method of the invention.
Specifically, the method for calculating the one-step random mathematical problem on the first public key and the first private key of the user comprises the following steps: generating a random mathematical function by the system: ω=g (μ, v), substituting the first public key and the first private key of the user into the mathematical function for calculation; where μ in the mathematical function ω=g (μ, v) is taken as the first public key found by the asymmetric encryption algorithm, v is taken as the first private key found by the asymmetric encryption algorithm, ω is the result of the mathematical function.
Preferably, taking the RSA encryption algorithm as an example, the randomly generated mathematical function is: let μ be the first public key found by the RSA encryption algorithm, i.e., μ= (n, e), and v be the first private key of the RSA encryption algorithm, i.e., v= (n, d); the random function ω=g (μ, v) is a function including the factors μ= (n, e) and v= (n, d).
Preferably, a functional relation satisfying the above may be: λ=h(μ)f(v), where μ=(n, e), v=(n, d), and h(μ) and f(v) are binary functions, i.e. the functional relation is: λ=h(n, e)f(n, d).
Preferably, taking an ECC encryption algorithm as an example, the randomly generated mathematical function is: let μ be regarded as the first public key found by the ECC encryption algorithm, i.e., μ=q; considering v as a first private key solved by an ECC encryption algorithm, i.e., v=k; the random function ω=g (μ, v) is a function comprising the factors μ and v.
Preferably, assuming that the Q point coordinates are (a, b), satisfying the above functional relation may be:where μ=q, v=k, i (μ) is a quadratic function, j (v) is a linear function, i.e. the functional relationship can be expressed as: />
In the above embodiment, it is noted that the functions ω=g (μ, v), λ=h (μ) f (v), andit is not mandatory that any function or component of a function be a function of a specified number of times, only that the random function contains the first public key mu and the first private key v, e.g. the random function may be expressed as: ω=g (μ, v, x, …), it can be seen that the random function ω=g (μ, v, x, …) comprises other factors than the first public key μ and the first private key v.
Step S203, a hash value of the mathematical problem is obtained, and the obtained hash value is used as the second private key of the user.
Specifically, the method for obtaining the hash value of the mathematical problem and using it as the second private key of the user is: a hash calculation is performed on the mathematical function ω=g(μ, v) with a hash algorithm, converting the mathematical function into a hash value; the obtained hash value is taken as the second private key of the user and sent to the user, and only the user is to know the hash value. Hashing the mathematical function ω=g(μ, v) means hashing the entire function, rather than merely hashing its result ω.
Preferably, the mathematical function ω=g (μ, v) is hashed using the SHA256 hash algorithm, which is converted into a 64-bit hash value, which is regarded as the second private key of the user.
In the above technical solution, SHA256 is one hash algorithm; others include MD5, SHA-1, etc. A hash algorithm is a hash function that converts a character string of any length into a hash value of fixed length; converting the characters into the hash value is easy, but the original string cannot be calculated back from the hash value, so the calculation of the hash value is irreversible.
After the hash value of the mathematical function is obtained, the mathematical function omega=g (mu, v) for hash calculation is stored in a basic database, a second private key address is generated, and the second private key address is hidden by disguising technologies such as digital watermarking and the like.
Step S204, during encryption, a sender user inquires and acquires a receiver user first public key, plaintext data to be encrypted is encrypted through an encryption process of an asymmetric encryption algorithm by the acquired receiver user first public key, ciphertext information is obtained, and the ciphertext information is hidden in the basic database through an information hiding technology.
Specifically, during encryption, a sender user needs to acquire a first public key of a receiver user, an asymmetric encryption algorithm is performed on a plaintext to be transmitted through the acquired first public key of the receiver user, encrypted ciphertext information is generated into a ciphertext address, and the ciphertext address is stored in a basic database through information hiding technologies such as digital watermarking.
As shown in fig. 2: schematic diagram of encryption and decryption process of the invention; specifically, the encryption process as shown in fig. 2: firstly, a plaintext sender obtains a first public key of a receiver user through a proper path, encrypts plaintext information to be sent through the first public key of the receiver user in an encryption process of an asymmetric encryption algorithm, generates ciphertext addresses from encrypted ciphertext information, and stores the generated ciphertext addresses into a basic database through information hiding technologies such as digital watermarking and the like to hide and disguise.
The present embodiment is preferably specifically described by the encryption process of the RSA encryption algorithm and the ECC encryption algorithm among the asymmetric encryption algorithms.
Firstly, the encryption process of the RSA encryption algorithm and the ECC encryption algorithm needs to be described in detail:
The encryption process of the RSA encryption algorithm is as follows: the sender user encrypts the plaintext information to be sent with the first public key (n, e) of the receiver user; specifically, the plaintext information is encrypted with the encryption function $c = m^e \bmod n$, where m is the plaintext information and c is the encrypted ciphertext information.
The encryption process of the ECC encryption algorithm is as follows: continuing from the process by which the ECC encryption algorithm generates the first public key Q, the user encodes the plaintext information to be transmitted as a point M on Ep(a, b), generates a random integer r, and generates the ciphertext information with the encryption function C = {rP, M + rQ}, where P is the base point and C is the generated ciphertext information.
In the above embodiment, the sender encrypts the plaintext information to be sent through the first public key of the RSA encryption algorithm or the ECC encryption algorithm, generates ciphertext information, generates a ciphertext address through the ciphertext information, and stores the ciphertext address in the base database through the information hiding technology such as digital watermarking.
In step S205, during decryption, the receiving user obtains the plaintext information by inputting the second private key of the receiving user.
Specifically, after the system saves the generated ciphertext address to the base database, a program that decrypts according to the hidden ciphertext address is generated, and the system sends a decryption link for that program to the receiver user; after receiving the link, the receiver user inputs the second private key, and the plaintext information is obtained directly through automatic decryption by the system.
As shown in fig. 2: schematic diagram of encryption and decryption process of the invention; specifically, the decryption process as shown in fig. 2: firstly, after receiving a decryption link sent by a system, a receiver user inputs a second private key of the receiver user, and the system automatically decrypts the program; the automatic decryption method of the system comprises the following steps: firstly, locking a second private key address of a user through a second private key of a receiver user, verifying a mathematical function omega=g (mu, v) of the second private key address, and verifying whether the second private key input by the receiver user is correct or not; if the second private key input by the user at the receiving side is correct, the system can obtain the first private key v of the user through the mathematical function and the first public key mu; and then locking a ciphertext address generated by encrypting the plaintext by the first public key mu of the user through the first private key v of the user, and obtaining plaintext information through decrypting ciphertext information in the ciphertext address.
Preferably, the method for verifying whether the second private key input by the user of the receiving party is correct is as follows: calculating whether the hash value of the mathematical function omega=g (mu, v) stored by the second private key address is the same as the second private key of the user, if so, proving that the second private key input by the user is correct, and obtaining the first private key v of the receiver user through the mathematical function omega=g (mu, v) and the first public key mu.
In the above technical solution, if verification shows that the hash value of the mathematical function ω=g(μ, v) differs from the second private key of the receiver user, the second private key input by the user is proved incorrect and the system's automatic decryption procedure is stopped.
In the above technical solution, the obtained first private key v of the receiver user locks the ciphertext address generated by encrypting the first public key μ of the receiver user, and the ciphertext information is decrypted by extracting the ciphertext information in the ciphertext address, so as to finally obtain the corresponding plaintext information.
In the above technical solution, when the obtained first private key v of the receiver user locks the ciphertext addresses generated after encryption with the receiver user's first public key μ, only ciphertext addresses whose ciphertext information has not yet been decrypted are locked.
Preferably, for easy understanding, the present embodiment specifically describes decryption procedures of the RSA encryption algorithm and the ECC encryption algorithm in the present invention.
First, a decryption process of a conventional RSA encryption algorithm and an ECC encryption algorithm will be described.
The decryption process of the RSA encryption algorithm is as follows:
The ciphertext information is decrypted with the decryption function $m = c^d \bmod n$ to obtain the plaintext information, where m is the plaintext information, c is the ciphertext information, and (n, d) is the private key of the user.
The decryption process of the ECC encryption algorithm is as follows:
The decryption algorithm is M + rQ − k(rP) = M, where P is the base point, k is the private key, Q is the public key (Q = kP), r is a random integer, and M is the point on Ep that encodes the plaintext information; the plaintext information is obtained by decoding M.
Preferably, the decryption process of the RSA encryption algorithm in this embodiment is as follows: take the second private key address to be λ=h(μ)f(v), where μ=(n, e), v=(n, d), and h(μ) and f(v) are binary functions, and the ciphertext address to be $c = m^e \bmod n$, where (n, e) in the ciphertext address is the first public key of the user, m is the plaintext information, and c is the ciphertext information.
In the above embodiment, preferably, the decryption process of the RSA encryption algorithm by the second private key is:
the receiver user inputs a second private key, firstly, the second private key of the receiver user extracts a mathematical function lambda=h (mu) f (v) of the second private key address by locking the second private key address, mu is a first public key, and v is a first private key; then converting the mathematical function lambda=h (mu) f (v) into a hash value, comparing whether the hash value converted by the mathematical function is the same as the second private key input by the receiver user, if so, proving that the second private key input by the receiver user is correct, and if not, proving that the second private key input by the receiver user is incorrect; if the second private key input by the receiver user is correct, the first private key v (n, d) of the receiver user is obtained according to the mathematical function form and the known first public key mu (n, e).
In the above technical solution, the ciphertext address generated after encryption with the first public key μ(n, e) of the receiver user is locked in the basic database by means of the obtained first private key v(n, d) of the receiver user, the ciphertext information c at the ciphertext address is extracted, and c is decrypted through the decryption process of the RSA encryption algorithm, whose decryption function is $m = c^{d} \bmod n$; the obtained m is the plaintext information, and the system feeds the plaintext information m back to the receiver user.
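The RSA flow described above, as an added example that is not code from the patent: the function record at the second private key address is hashed to form the second private key, verified on input, then solved for d and used to decrypt. The concrete choices h(n, e) = n + e and f(n, d) = n·d, SHA-256, the record string layout, the dictionary key names and the toy key values are all assumptions; the example also shows that recovering v needs only the stored record and the public key, so the record's hiding carries the protection of the first private key.

```python
import hashlib
import hmac

# Constructed textbook RSA key pair, far too small for real use.
N, E = 3233, 17                      # first public key  mu = (n, e); n = 61 * 53
D = pow(E, -1, 60 * 52)              # first private key v = (n, d)
PUB, PRIV = (N, E), (N, D)

def make_record(pub, priv):
    """Stored 'mathematical problem'. Assumed form: lambda = h(mu) * f(v)
    with h(n, e) = n + e and f(n, d) = n * d (the page does not fix h or f)."""
    (n, e), (_, d) = pub, priv
    return f"lambda=(n+e)*(n*d);lambda={(n + e) * n * d}"

def second_private_key(record):
    """Hash of the whole function record, not only of its result (SHA-256 assumed)."""
    return hashlib.sha256(record.encode()).hexdigest()

def recover_first_private_key(record, pub):
    """Solve the stored function for d using the public (n, e)."""
    n, e = pub
    lam = int(record.rsplit("=", 1)[1])
    d, remainder = divmod(lam, (n + e) * n)
    if remainder:
        raise ValueError("record does not match this public key")
    return (n, d)

def decrypt(db, pub, supplied_key):
    """Verify the supplied second private key, recover v, then m = c^d mod n."""
    record = db["second_key_address"]
    if not hmac.compare_digest(second_private_key(record), supplied_key):
        raise PermissionError("second private key is incorrect")
    n, d = recover_first_private_key(record, pub)
    return pow(db["ciphertext_address"], d, n)

# Basic database holding the two hidden entries (key names are hypothetical).
RECORD = make_record(PUB, PRIV)
DB = {"second_key_address": RECORD, "ciphertext_address": pow(65, E, N)}
SECOND_KEY = second_private_key(RECORD)

if __name__ == "__main__":
    print(decrypt(DB, PUB, SECOND_KEY))
```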
Preferably, the decryption process of the ECC encryption algorithm in this embodiment is: with the second private key address as the addressFor example, where μ=q, Q is the first public key of the ECC encryption algorithm, v=k, k is the first private key of the ECC encryption algorithm, i (μ) is a binary function, j (v) is a unitary function, i.e.>
In the above embodiment, preferably, the process of decrypting by the ECC encryption algorithm with the second private key is:
the receiver user inputs the second private key, firstly, the second private key of the receiver user extracts the mathematical function of the second private key address by locking the second private key addressQ is a first public key, k is a first private key; then by adding mathematical functions->Converting the second private key into a hash value, comparing whether the hash value converted by the mathematical function is the same as the second private key input by the receiver user, if so, proving that the second private key input by the receiver user is correct, and if not, proving that the second private key input by the receiver user is incorrect; if the second private key input by the receiver user is correct, the first private key k of the receiver user is obtained according to the mathematical function form and the known first public key Q.
In the above technical solution, the ciphertext address generated after encryption with the first public key Q of the receiver user is locked in the basic database by means of the obtained first private key k of the receiver user, the ciphertext information $C = \{rP,\ M + rQ\}$ at the ciphertext address is extracted, the point M at which the plaintext information is encoded onto Ep(a, b) is obtained through the decryption process $M + rQ - k(rP) = M$ of the ECC encryption algorithm, the plaintext information is obtained by decoding the point M, and finally the plaintext information is fed back to the user.
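The ECC decryption identity used above, M + rQ − k(rP) = M, holds because rQ = r(kP) = k(rP). The following added example (not code from the patent) carries it through on a constructed toy curve; the curve y² = x³ + 2x + 2 over GF(17), the base point (5, 1) and the values of k, r and M are assumptions chosen so the arithmetic can be checked by hand.

```python
# Toy curve y^2 = x^3 + 2x + 2 over GF(17), base point P = (5, 1) of order 19.
# Constructed textbook parameters, far too small for real use.
A, PRIME = 2, 17
BASE = (5, 1)
INF = None  # point at infinity

def add(p1, p2):
    """Add two points on the curve (affine coordinates)."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % PRIME == 0:
        return INF                                   # p2 is the negative of p1
    if p1 == p2:
        s = (3 * x1 * x1 + A) * pow(2 * y1 % PRIME, -1, PRIME) % PRIME
    else:
        s = (y2 - y1) * pow((x2 - x1) % PRIME, -1, PRIME) % PRIME
    x3 = (s * s - x1 - x2) % PRIME
    return (x3, (s * (x1 - x3) - y1) % PRIME)

def neg(p):
    return INF if p is INF else (p[0], -p[1] % PRIME)

def mul(k, p):
    """Scalar multiplication by double-and-add."""
    result = INF
    while k:
        if k & 1:
            result = add(result, p)
        p = add(p, p)
        k >>= 1
    return result

def encrypt(M, Q, r):
    """Ciphertext C = {rP, M + rQ} for plaintext point M and public key Q."""
    return (mul(r, BASE), add(M, mul(r, Q)))

def decrypt(C, k):
    """Recover M = (M + rQ) - k(rP) with the private key k."""
    rP, M_plus_rQ = C
    return add(M_plus_rQ, neg(mul(k, rP)))

if __name__ == "__main__":
    k, r, M = 7, 5, mul(4, BASE)        # constructed private key, nonce, plaintext point
    print(decrypt(encrypt(M, mul(k, BASE), r), k) == M)
```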
It is to be understood that the above-described embodiments are one or more embodiments of the invention, and that many other embodiments and variations thereof are possible in accordance with the invention; variations and modifications of the invention, which are intended to be within the scope of the invention, will occur to those skilled in the art without any development of the invention.
Claims (9)
1. A method of enhancing security of an asymmetric encryption algorithm, the method comprising the steps of:
firstly, establishing a basic database, wherein the basic database is used for hiding important encryption information;
generating a pair of keys of a user through an asymmetric encryption algorithm, wherein the keys comprise a public key and a private key, the public key is regarded as a first public key of the user, and the private key is regarded as a first private key of the user;
performing a one-step random mathematical problem calculation on the first public key and the first private key of the user, so that the random mathematical problem includes the first public key and the first private key of the user, and hiding the random mathematical problem in the basic database through an information hiding technology;
obtaining a hash value of the mathematical problem, and taking the obtained hash value as a second private key of the user;
when encrypting, a sender user inquires and acquires a receiver user first public key, the acquired receiver user first public key encrypts plaintext data to be encrypted through an encryption process of an asymmetric encryption algorithm to acquire ciphertext information, and the ciphertext information is hidden in the basic database through an information hiding technology;
and when decrypting, the receiver user obtains the plaintext information by inputting the second private key of the receiver user.
2. A method of enhancing security of an asymmetric encryption algorithm as claimed in claim 1, wherein said base database comprises: all data collected before the system operates; the data in the base database is updated continuously over time, but the original data content is kept.
3. The method of claim 1, wherein the performing of the one-step random mathematical problem calculation on the first public key and the first private key of the user comprises: the mathematical problem is a random mathematical function generated by the system, ω=g(μ, v), and the first public key and the first private key of the user are substituted into the mathematical function for calculation; where μ in the mathematical function ω=g(μ, v) is the first public key obtained by the asymmetric encryption algorithm, v is the first private key obtained by the asymmetric encryption algorithm, and ω is the result of the mathematical function.
4. The method for enhancing security of an asymmetric encryption algorithm according to claim 1, wherein said obtaining a hash value of said mathematical problem, using said obtained hash value as a second private key of a user comprises: performing hash calculation on the mathematical function ω=g(μ, v) through a hash algorithm, converting the mathematical function into a hash value, and regarding the obtained hash value as the second private key of the user; hashing the mathematical function ω=g(μ, v) refers to hashing the entire functional form of the mathematical function, rather than hashing only the result ω of the mathematical function.
5. The method for enhancing security of an asymmetric encryption algorithm according to claim 1, wherein said obtaining a hash value of said mathematical problem, using said obtained hash value as the second private key of the user further comprises: and storing a mathematical function omega=g (mu, v) for hash calculation in a basic database, generating a second private key address, and hiding and disguising the second private key address through an information hiding technology.
6. A method of enhancing security of an asymmetric encryption algorithm as claimed in claim 1, wherein said encrypting comprises: the sender refers to an information sender user, and the receiver refers to an information receiver user; when encrypting, a sender user obtains a first public key of a receiver user through inquiry, encrypts plaintext information to be transmitted through the obtained first public key of the receiver user in an asymmetric encryption algorithm encryption process, generates a ciphertext address of encrypted ciphertext information, stores the generated ciphertext address in a basic database, and conceals and disguises the ciphertext address through an information hiding technology.
7. A method of enhancing security of an asymmetric encryption algorithm as claimed in claim 1, wherein said decrypting comprises: when decrypting, the receiver user inputs the second private key and the system decrypts automatically; in performing automatic decryption, the system first locks the second private key address of the receiver user, verifies the mathematical function ω=g(μ, v) at the second private key address, and verifies whether the hash value converted from the mathematical function ω=g(μ, v) is identical to the second private key of the receiver user; if so, the second private key input by the user is proved correct.
8. The method for enhancing security of an asymmetric encryption algorithm according to claim 1, wherein said decrypting further comprises: verifying that the second private key of the receiver user is correct by a mathematical function ω=g (μ, v) stored by the second private key address, where μ is the first public key of the receiver user and v is the first private key of the receiver user; the first public key μ of the receiver user is already disclosed in the whole network, and the first private key v of the receiver user is obtained through a mathematical function ω=g (μ, v).
9. The method for enhancing security of an asymmetric encryption algorithm according to claim 1, wherein said decrypting further comprises: locking, by means of the obtained first private key v of the receiver user, the ciphertext address generated after encryption with the first public key of the receiver user, decrypting the ciphertext information through the decryption process of the asymmetric encryption algorithm to finally obtain the plaintext information, and feeding the obtained plaintext information back to the receiver user.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311285255.2A CN117201170B (en) | 2023-10-07 | 2023-10-07 | Method for enhancing security of asymmetric encryption algorithm |
Publications (2)
Publication Number | Publication Date |
---|---|
CN117201170A (en) | 2023-12-08 |
CN117201170B (en) | 2024-02-09 |
Family
ID=88988778
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202311285255.2A Active CN117201170B (en) | 2023-10-07 | 2023-10-07 | Method for enhancing security of asymmetric encryption algorithm |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117201170B (en) |
Also Published As
Publication number | Publication date |
---|---|
CN117201170B (en) | 2024-02-09 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||